It wasn’t until March 26 that the attackers actually began targeting two separate resources on GitHub, one of which housed content from GreatFire.org, a censorship monitoring organization in China. The other resource was Chinese language content from the New York Times. The attack on those resources lasted until April 7 and Provos said that the attack wouldn’t have been possible if all of the Web’s links were encrypted.
“Had the entire web already moved to encrypted traffic via TLS, such an injection attack would not have been possible. This provides further motivation for transitioning the web to encrypted and integrity-protected communication,” Provos said.
For the past week, the website “GitHub” has been under attack by China. In this post, I pin-point where the attack is coming from by doing an http-traceroute.
GitHub is a key infrastructure website for the Internet, being the largest host of open-source projects, most famously Linux. (I host my code there). It’s also a popular blogging platform.
Among the zillions of projects are https://github.com/greatfire and https://github.com/cn-nytimes. These are mirrors (copies) of the websites http://greatfire.com and http://cn.nytimes.com. GreatFire provides tools for circumventing China’s Internet censorship, the NYTimes contains news stories China wants censored.
China blocks the offending websites, but it cannot easily block the GitHub mirrors. It’s choices are either to block or allow everything on GitHub. Since GitHub is key infrastructure for open-source, blocking GitHub is not really a viable option.
Using my custom http-traceroute, I’ve proven that the man-in-the-middle machine attacking GitHub is located on or near the Great Firewall of China. While many explanations are possible, such as hackers breaking into these machines, the overwhelmingly most likely suspect for the source of the GitHub attacks is the Chinese government.
This is important evidence for our government. It’ll be interesting to see how they respond to these attacks — attacks by a nation state against key United States Internet infrastructure.
Most large hub motors that come out of China are based on the 9-Continents motor (or 9C). This is the most common direct drive hub motor on the market. Currently there are hundreds of Chinese factories churning out whats called “9C clones”. In China there is pretty much no respect for copyright law and once a design has proven itself to work well, it is replicated in bulk. The 9C clone is what the faster e-bike kits consist of, and is actually the same design that the new Crystalyte (read review) was based on. For a detailed explanation of what a 9C motor is made up, read our detailed story on the 9C motor.
9C hub motor clones come in all shapes and sizes. A customer who is making a large enough order can specify the diameter of the motor, the width of the magnets, the thickness of the copper wiring, and the thickness of the wires going into the motors. It’s amazing to see piles of hub motors which I know will bring many hours of joy to whoever owns one. It gets me juiced up and excited to think of all these delicious motors mounted to bicycles of all shapes and sizes all over the world.